Smart Scraper
Security checks across malware telemetry and agentic risk
Overview
This appears to be a disclosed WeChat article-drafting automation skill, with sensitive credentials and dependency risks users should handle carefully.
Install only if you intend to let this skill use your WeChat Official Account credentials to create drafts. Use a test or least-privilege account where possible, keep secrets out of shared files, verify any AI image endpoint before entering an API key, and review drafts before publication.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
58/58 vendors flagged this skill as clean.